Using the Client

To use the client for AWS Certificate Manager you will first need
to create a new instance of it.

When creating a client for an AWS service you'll first need to have a Session
already created. The Session provides configuration that can be shared
between multiple service clients. Additional configuration can be applied to
the Session and service's client when they are constructed. The aws package's
Config type contains several fields such as Region for the AWS Region the
client should make API requests too. The optional Config value can be provided
as the variadic argument for Sessions and client creation.

Once the service's client is created you can use it to make API requests the
AWS service. These clients are safe to use concurrently.

Once the client is created you can make an API request to the service.
Each API method takes a input parameter, and returns the service response
and an error.

The API method will document which error codes the service can be returned
by the operation if the service models the API operation's errors. These
errors will also be available as const strings prefixed with "ErrCode".

Using the Client with Context

The service's client also provides methods to make API requests with a Context
value. This allows you to control the timeout, and cancellation of pending
requests. These methods also take request Option as variadic parameter to apply
additional configuration to the API request.

Package files

Internal call graph ▹

Internal call graph ▾

In the call graph viewer below, each node
is a function belonging to this package
and its children are the functions it
calls—perhaps dynamically.

The root nodes are the entry points of the
package: functions that may be called from
outside the package.
There may be non-exported or anonymous
functions among them if they are called
dynamically from another package.

Click a node to visit that function's source code.
From there you can visit its callers by
clicking its declaring func
token.

Functions may be omitted if they were
determined to be unreachable in the
particular programs or tests that were
analyzed.

const (
// ErrCodeInvalidArnException for service response error code// "InvalidArnException".//// The requested Amazon Resource Name (ARN) does not refer to an existing resource.
ErrCodeInvalidArnException = "InvalidArnException"
// ErrCodeInvalidDomainValidationOptionsException for service response error code// "InvalidDomainValidationOptionsException".//// One or more values in the DomainValidationOption structure is incorrect.
ErrCodeInvalidDomainValidationOptionsException = "InvalidDomainValidationOptionsException"
// ErrCodeInvalidStateException for service response error code// "InvalidStateException".//// Processing has reached an invalid state. For example, this exception can// occur if the specified domain is not using email validation, or the current// certificate status does not permit the requested operation. See the exception// message returned by ACM to determine which state is not valid.
ErrCodeInvalidStateException = "InvalidStateException"
// ErrCodeInvalidTagException for service response error code// "InvalidTagException".//// One or both of the values that make up the key-value pair is not valid. For// example, you cannot specify a tag value that begins with aws:.
ErrCodeInvalidTagException = "InvalidTagException"
// ErrCodeLimitExceededException for service response error code// "LimitExceededException".//// An ACM limit has been exceeded. For example, you may have input more domains// than are allowed or you've requested too many certificates for your account.// See the exception message returned by ACM to determine which limit you have// violated. For more information about ACM limits, see the Limits (http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html)// topic.
ErrCodeLimitExceededException = "LimitExceededException"
// ErrCodeRequestInProgressException for service response error code// "RequestInProgressException".//// The certificate request is in process and the certificate in your account// has not yet been issued.
ErrCodeRequestInProgressException = "RequestInProgressException"
// ErrCodeResourceInUseException for service response error code// "ResourceInUseException".//// The certificate is in use by another AWS service in the caller's account.// Remove the association and try again.
ErrCodeResourceInUseException = "ResourceInUseException"
// ErrCodeResourceNotFoundException for service response error code// "ResourceNotFoundException".//// The specified certificate cannot be found in the caller's account, or the// caller's account cannot be found.
ErrCodeResourceNotFoundException = "ResourceNotFoundException"
// ErrCodeTooManyTagsException for service response error code// "TooManyTagsException".//// The request contains too many tags. Try the request again with fewer tags.
ErrCodeTooManyTagsException = "TooManyTagsException"
)

Adds one or more tags to an ACM Certificate. Tags are labels that you can
use to identify and organize your AWS resources. Each tag consists of a key
and an optional value. You specify the certificate on input by its Amazon
Resource Name (ARN). You specify the tag by using a key-value pair.

You can apply a tag to just one certificate if you want to identify a specific
characteristic of that certificate, or you can apply the same tag to multiple
certificates if you want to filter for a common relationship among those
certificates. Similarly, you can apply the same tag to multiple resources
if you want to specify a relationship among those resources. For example,
you can add the same tag to an ACM Certificate and an Elastic Load Balancing
load balancer to indicate that they are both used by the same website. For
more information, see Tagging ACM Certificates (http://docs.aws.amazon.com/acm/latest/userguide/tags.html).

To remove one or more tags, use the RemoveTagsFromCertificate action. To
view all of the tags that have been applied to the certificate, use the ListTagsForCertificate
action.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* ErrCodeInvalidTagException "InvalidTagException"
One or both of the values that make up the key-value pair is not valid. For
example, you cannot specify a tag value that begins with aws:.
* ErrCodeTooManyTagsException "TooManyTagsException"
The request contains too many tags. Try the request again with fewer tags.

AddTagsToCertificateRequest generates a "aws/request.Request" representing the
client's request for the AddTagsToCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See AddTagsToCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the AddTagsToCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

AddTagsToCertificateWithContext is the same as AddTagsToCertificate with the addition of
the ability to pass a context and additional request options.

See AddTagsToCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Deletes an ACM Certificate and its associated private key. If this action
succeeds, the certificate no longer appears in the list of ACM Certificates
that can be displayed by calling the ListCertificates action or be retrieved
by calling the GetCertificate action. The certificate will not be available
for use by other AWS services.

You cannot delete an ACM Certificate that is being used by another AWS service.
To delete a certificate that is in use, the certificate association must
first be removed.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeResourceInUseException "ResourceInUseException"
The certificate is in use by another AWS service in the caller's account.
Remove the association and try again.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.

DeleteCertificateRequest generates a "aws/request.Request" representing the
client's request for the DeleteCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See DeleteCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the DeleteCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

DeleteCertificateWithContext is the same as DeleteCertificate with the addition of
the ability to pass a context and additional request options.

See DeleteCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.

DescribeCertificateRequest generates a "aws/request.Request" representing the
client's request for the DescribeCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See DescribeCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the DescribeCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

DescribeCertificateWithContext is the same as DescribeCertificate with the addition of
the ability to pass a context and additional request options.

See DescribeCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Retrieves an ACM Certificate and certificate chain for the certificate specified
by an ARN. The chain is an ordered list of certificates that contains the
root certificate, intermediate certificates of subordinate CAs, and the ACM
Certificate. The certificate and certificate chain are base64 encoded. If
you want to decode the certificate chain to see the individual certificate
fields, you can use OpenSSL.

Currently, ACM Certificates can be used only with Elastic Load Balancing
and Amazon CloudFront.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeRequestInProgressException "RequestInProgressException"
The certificate request is in process and the certificate in your account
has not yet been issued.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.

GetCertificateRequest generates a "aws/request.Request" representing the
client's request for the GetCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See GetCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the GetCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

GetCertificateWithContext is the same as GetCertificate with the addition of
the ability to pass a context and additional request options.

See GetCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

To import a certificate, you must provide the certificate and the matching
private key. When the certificate is not self-signed, you must also provide
a certificate chain. You can omit the certificate chain when importing a
self-signed certificate.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeLimitExceededException "LimitExceededException"
An ACM limit has been exceeded. For example, you may have input more domains
than are allowed or you've requested too many certificates for your account.
See the exception message returned by ACM to determine which limit you have
violated. For more information about ACM limits, see the Limits (http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html)
topic.

ImportCertificateRequest generates a "aws/request.Request" representing the
client's request for the ImportCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See ImportCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the ImportCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

ImportCertificateWithContext is the same as ImportCertificate with the addition of
the ability to pass a context and additional request options.

See ImportCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

ListCertificatesPagesWithContext same as ListCertificatesPages except
it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

ListCertificatesRequest generates a "aws/request.Request" representing the
client's request for the ListCertificates operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See ListCertificates for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the ListCertificates method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

ListCertificatesWithContext is the same as ListCertificates with the addition of
the ability to pass a context and additional request options.

See ListCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Lists the tags that have been applied to the ACM Certificate. Use the certificate's
Amazon Resource Name (ARN) to specify the certificate. To add a tag to an
ACM Certificate, use the AddTagsToCertificate action. To delete a tag, use
the RemoveTagsFromCertificate action.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.

ListTagsForCertificateRequest generates a "aws/request.Request" representing the
client's request for the ListTagsForCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See ListTagsForCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the ListTagsForCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

ListTagsForCertificateWithContext is the same as ListTagsForCertificate with the addition of
the ability to pass a context and additional request options.

See ListTagsForCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Remove one or more tags from an ACM Certificate. A tag consists of a key-value
pair. If you do not specify the value portion of the tag when calling this
function, the tag will be removed regardless of value. If you specify a value,
the tag is removed only if it is associated with the specified value.

To add tags to a certificate, use the AddTagsToCertificate action. To view
all of the tags that have been applied to a specific ACM Certificate, use
the ListTagsForCertificate action.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* ErrCodeInvalidTagException "InvalidTagException"
One or both of the values that make up the key-value pair is not valid. For
example, you cannot specify a tag value that begins with aws:.

RemoveTagsFromCertificateRequest generates a "aws/request.Request" representing the
client's request for the RemoveTagsFromCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See RemoveTagsFromCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the RemoveTagsFromCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

RemoveTagsFromCertificateWithContext is the same as RemoveTagsFromCertificate with the addition of
the ability to pass a context and additional request options.

See RemoveTagsFromCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Requests an ACM Certificate for use with other AWS services. To request an
ACM Certificate, you must specify the fully qualified domain name (FQDN)
for your site. You can also specify additional FQDNs if users can reach your
site by using other names. For each domain name you specify, email is sent
to the domain owner to request approval to issue the certificate. After receiving
approval from the domain owner, the ACM Certificate is issued. For more information,
see the AWS Certificate Manager User Guide (http://docs.aws.amazon.com/acm/latest/userguide/).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeLimitExceededException "LimitExceededException"
An ACM limit has been exceeded. For example, you may have input more domains
than are allowed or you've requested too many certificates for your account.
See the exception message returned by ACM to determine which limit you have
violated. For more information about ACM limits, see the Limits (http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html)
topic.
* ErrCodeInvalidDomainValidationOptionsException "InvalidDomainValidationOptionsException"
One or more values in the DomainValidationOption structure is incorrect.

RequestCertificateRequest generates a "aws/request.Request" representing the
client's request for the RequestCertificate operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See RequestCertificate for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the RequestCertificate method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

RequestCertificateWithContext is the same as RequestCertificate with the addition of
the ability to pass a context and additional request options.

See RequestCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

Resends the email that requests domain ownership validation. The domain owner
or an authorized representative must approve the ACM Certificate before it
can be issued. The certificate can be approved by clicking a link in the
mail to navigate to the Amazon certificate approval website and then clicking
I Approve. However, the validation email can be blocked by spam filters.
Therefore, if you do not receive the original mail, you can request that
the mail be resent within 72 hours of requesting the ACM Certificate. If
more than 72 hours have elapsed since your original request or since your
last attempt to resend validation mail, you must request a new certificate.
For more information about setting up your contact email addresses, see Configure
Email for your Domain (http://docs.aws.amazon.com/acm/latest/userguide/setup-email.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions
with awserr.Error's Code and Message methods to get detailed information about
the error.

* ErrCodeResourceNotFoundException "ResourceNotFoundException"
The specified certificate cannot be found in the caller's account, or the
caller's account cannot be found.
* ErrCodeInvalidStateException "InvalidStateException"
Processing has reached an invalid state. For example, this exception can
occur if the specified domain is not using email validation, or the current
certificate status does not permit the requested operation. See the exception
message returned by ACM to determine which state is not valid.
* ErrCodeInvalidArnException "InvalidArnException"
The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* ErrCodeInvalidDomainValidationOptionsException "InvalidDomainValidationOptionsException"
One or more values in the DomainValidationOption structure is incorrect.

ResendValidationEmailRequest generates a "aws/request.Request" representing the
client's request for the ResendValidationEmail operation. The "output" return
value can be used to capture response data after the request's "Send" method
is called.

See ResendValidationEmail for usage and error information.

Creating a request object using this method should be used when you want to inject
custom logic into the request's lifecycle using a custom handler, or if you want to
access properties on the request object before or after sending the request. If
you just want the service response, call the ResendValidationEmail method directly
instead.

Note: You must call the "Send" method on the returned request object in order
to execute the request.

ResendValidationEmailWithContext is the same as ResendValidationEmail with the addition of
the ability to pass a context and additional request options.

See ResendValidationEmail for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If
the context is nil a panic will occur. In the future the SDK may create
sub-contexts for http.Requests. See https://golang.org/pkg/context/
for more information on using Contexts.

type AddTagsToCertificateInput struct {
// String that contains the ARN of the ACM Certificate to which the tag is to// be applied. This must be of the form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// The key-value pair that defines the tag. The tag value is optional.//// Tags is a required field
Tags []*Tag `min:"1" type:"list" required:"true"`
// contains filtered or unexported fields
}

type CertificateDetail struct {
// The Amazon Resource Name (ARN) of the certificate. For more information about// ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)// in the AWS General Reference.
CertificateArn *string `min:"20" type:"string"`
// The time at which the certificate was requested. This value exists only when// the certificate type is AMAZON_ISSUED.
CreatedAt *time.Time `type:"timestamp" timestampFormat:"unix"`
// The fully qualified domain name for the certificate, such as www.example.com// or example.com.
DomainName *string `min:"1" type:"string"`
// Contains information about the initial validation of each domain name that// occurs as a result of the RequestCertificate request. This field exists only// when the certificate type is AMAZON_ISSUED.
DomainValidationOptions []*DomainValidation `min:"1" type:"list"`
// The reason the certificate request failed. This value exists only when the// certificate status is FAILED. For more information, see Certificate Request// Failed (http://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed)// in the AWS Certificate Manager User Guide.
FailureReason *string `type:"string" enum:"FailureReason"`
// The date and time at which the certificate was imported. This value exists// only when the certificate type is IMPORTED.
ImportedAt *time.Time `type:"timestamp" timestampFormat:"unix"`
// A list of ARNs for the AWS resources that are using the certificate. A certificate// can be used by multiple AWS resources.
InUseBy []*string `type:"list"`
// The time at which the certificate was issued. This value exists only when// the certificate type is AMAZON_ISSUED.
IssuedAt *time.Time `type:"timestamp" timestampFormat:"unix"`
// The name of the certificate authority that issued and signed the certificate.
Issuer *string `type:"string"`
// The algorithm that was used to generate the key pair (the public and private// key).
KeyAlgorithm *string `type:"string" enum:"KeyAlgorithm"`
// The time after which the certificate is not valid.
NotAfter *time.Time `type:"timestamp" timestampFormat:"unix"`
// The time before which the certificate is not valid.
NotBefore *time.Time `type:"timestamp" timestampFormat:"unix"`
// Contains information about the status of ACM's managed renewal (http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html)// for the certificate. This field exists only when the certificate type is// AMAZON_ISSUED.
RenewalSummary *RenewalSummary `type:"structure"`
// The reason the certificate was revoked. This value exists only when the certificate// status is REVOKED.
RevocationReason *string `type:"string" enum:"RevocationReason"`
// The time at which the certificate was revoked. This value exists only when// the certificate status is REVOKED.
RevokedAt *time.Time `type:"timestamp" timestampFormat:"unix"`
// The serial number of the certificate.
Serial *string `type:"string"`
// The algorithm that was used to sign the certificate.
SignatureAlgorithm *string `type:"string"`
// The status of the certificate.
Status *string `type:"string" enum:"CertificateStatus"`
// The name of the entity that is associated with the public key contained in// the certificate.
Subject *string `type:"string"`
// One or more domain names (subject alternative names) included in the certificate.// This list contains the domain names that are bound to the public key that// is contained in the certificate. The subject alternative names include the// canonical domain name (CN) of the certificate and additional domain names// that can be used to connect to the website.
SubjectAlternativeNames []*string `min:"1" type:"list"`
// The source of the certificate. For certificates provided by ACM, this value// is AMAZON_ISSUED. For certificates that you imported with ImportCertificate,// this value is IMPORTED. ACM does not provide managed renewal (http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html)// for imported certificates. For more information about the differences between// certificates that you import and those that ACM provides, see Importing Certificates// (http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html)// in the AWS Certificate Manager User Guide.
Type *string `type:"string" enum:"CertificateType"`
// contains filtered or unexported fields
}

type CertificateSummary struct {
// Amazon Resource Name (ARN) of the certificate. This is of the form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).
CertificateArn *string `min:"20" type:"string"`
// Fully qualified domain name (FQDN), such as www.example.com or example.com,// for the certificate.
DomainName *string `min:"1" type:"string"`
// contains filtered or unexported fields
}

type DeleteCertificateInput struct {
// String that contains the ARN of the ACM Certificate to be deleted. This must// be of the form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// contains filtered or unexported fields
}

type DescribeCertificateInput struct {
// The Amazon Resource Name (ARN) of the ACM Certificate. The ARN must have// the following form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// contains filtered or unexported fields
}

type DomainValidationOption struct {
// A fully qualified domain name (FQDN) in the certificate request.//// DomainName is a required field
DomainName *string `min:"1" type:"string" required:"true"`
// The domain name that you want ACM to use to send you validation emails. This// domain name is the suffix of the email addresses that you want ACM to use.// This must be the same as the DomainName value or a superdomain of the DomainName// value. For example, if you request a certificate for testing.example.com,// you can specify example.com for this value. In that case, ACM sends domain// validation emails to the following five addresses://// * admin@example.com//// * administrator@example.com//// * hostmaster@example.com//// * postmaster@example.com//// * webmaster@example.com//// ValidationDomain is a required field
ValidationDomain *string `min:"1" type:"string" required:"true"`
// contains filtered or unexported fields
}

type ImportCertificateInput struct {
// The certificate to import. It must meet the following requirements://// * Must be PEM-encoded.//// * Must contain a 1024-bit or 2048-bit RSA public key.//// * Must be valid at the time of import. You cannot import a certificate// before its validity period begins (the certificate's NotBefore date) or// after it expires (the certificate's NotAfter date).//// Certificate is automatically base64 encoded/decoded by the SDK.//// Certificate is a required field
Certificate []byte `min:"1" type:"blob" required:"true"`
// The Amazon Resource Name (ARN) (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)// of an imported certificate to replace. To import a new certificate, omit// this field.
CertificateArn *string `min:"20" type:"string"`
// The certificate chain. It must be PEM-encoded.//// CertificateChain is automatically base64 encoded/decoded by the SDK.
CertificateChain []byte `min:"1" type:"blob"`
// The private key that matches the public key in the certificate. It must meet// the following requirements://// * Must be PEM-encoded.//// * Must be unencrypted. You cannot import a private key that is protected// by a password or passphrase.//// PrivateKey is automatically base64 encoded/decoded by the SDK.//// PrivateKey is a required field
PrivateKey []byte `min:"1" type:"blob" required:"true"`
// contains filtered or unexported fields
}

type ListCertificatesInput struct {
// The status or statuses on which to filter the list of ACM Certificates.
CertificateStatuses []*string `type:"list"`
// Use this parameter when paginating results to specify the maximum number// of items to return in the response. If additional items exist beyond the// number you specify, the NextToken element is sent in the response. Use this// NextToken value in a subsequent request to retrieve additional items.
MaxItems *int64 `min:"1" type:"integer"`
// Use this parameter only when paginating results and only in a subsequent// request after you receive a response with truncated results. Set it to the// value of NextToken from the response you just received.
NextToken *string `min:"1" type:"string"`
// contains filtered or unexported fields
}

type ListCertificatesOutput struct {
// A list of ACM Certificates.
CertificateSummaryList []*CertificateSummary `type:"list"`
// When the list is truncated, this value is present and contains the value// to use for the NextToken parameter in a subsequent pagination request.
NextToken *string `min:"1" type:"string"`
// contains filtered or unexported fields
}

type ListTagsForCertificateInput struct {
// String that contains the ARN of the ACM Certificate for which you want to// list the tags. This has the following form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// contains filtered or unexported fields
}

type RemoveTagsFromCertificateInput struct {
// String that contains the ARN of the ACM Certificate with one or more tags// that you want to remove. This must be of the form://// arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012//// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html).//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// The key-value pair that defines the tag to remove.//// Tags is a required field
Tags []*Tag `min:"1" type:"list" required:"true"`
// contains filtered or unexported fields
}

type RenewalSummary struct {
// Contains information about the validation of each domain name in the certificate,// as it pertains to ACM's managed renewal (http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html).// This is different from the initial validation that occurs as a result of// the RequestCertificate request. This field exists only when the certificate// type is AMAZON_ISSUED.//// DomainValidationOptions is a required field
DomainValidationOptions []*DomainValidation `min:"1" type:"list" required:"true"`
// The status of ACM's managed renewal (http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html)// of the certificate.//// RenewalStatus is a required field
RenewalStatus *string `type:"string" required:"true" enum:"RenewalStatus"`
// contains filtered or unexported fields
}

type RequestCertificateInput struct {
// Fully qualified domain name (FQDN), such as www.example.com, of the site// that you want to secure with an ACM Certificate. Use an asterisk (*) to create// a wildcard certificate that protects several sites in the same domain. For// example, *.example.com protects www.example.com, site.example.com, and images.example.com.//// The maximum length of a DNS name is 253 octets. The name is made up of multiple// labels separated by periods. No label can be longer than 63 octets. Consider// the following examples://// (63 octets).(63 octets).(63 octets).(61 octets) is legal because the total// length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets.//// (64 octets).(63 octets).(63 octets).(61 octets) is not legal because the// total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds// 63 octets.//// (63 octets).(63 octets).(63 octets).(62 octets) is not legal because the// total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.//// DomainName is a required field
DomainName *string `min:"1" type:"string" required:"true"`
// The domain name that you want ACM to use to send you emails to validate your// ownership of the domain.
DomainValidationOptions []*DomainValidationOption `min:"1" type:"list"`
// Customer chosen string that can be used to distinguish between calls to RequestCertificate.// Idempotency tokens time out after one hour. Therefore, if you call RequestCertificate// multiple times with the same idempotency token within one hour, ACM recognizes// that you are requesting only one certificate and will issue only one. If// you change the idempotency token for each call, ACM recognizes that you are// requesting multiple certificates.
IdempotencyToken *string `min:"1" type:"string"`
// Additional FQDNs to be included in the Subject Alternative Name extension// of the ACM Certificate. For example, add the name www.example.net to a certificate// for which the DomainName field is www.example.com if users can reach your// site by using either name. The maximum number of domain names that you can// add to an ACM Certificate is 100. However, the initial limit is 10 domain// names. If you need more than 10 names, you must request a limit increase.// For more information, see Limits (http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html).
SubjectAlternativeNames []*string `min:"1" type:"list"`
// contains filtered or unexported fields
}

type ResendValidationEmailInput struct {
// String that contains the ARN of the requested certificate. The certificate// ARN is generated and returned by the RequestCertificate action as soon as// the request is made. By default, using this parameter causes email to be// sent to all top-level domains you specified in the certificate request.//// The ARN must be of the form://// arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012//// CertificateArn is a required field
CertificateArn *string `min:"20" type:"string" required:"true"`
// The fully qualified domain name (FQDN) of the certificate that needs to be// validated.//// Domain is a required field
Domain *string `min:"1" type:"string" required:"true"`
// The base validation domain that will act as the suffix of the email addresses// that are used to send the emails. This must be the same as the Domain value// or a superdomain of the Domain value. For example, if you requested a certificate// for site.subdomain.example.com and specify a ValidationDomain of subdomain.example.com,// ACM sends email to the domain registrant, technical contact, and administrative// contact in WHOIS and the following five addresses://// * admin@subdomain.example.com//// * administrator@subdomain.example.com//// * hostmaster@subdomain.example.com//// * postmaster@subdomain.example.com//// * webmaster@subdomain.example.com//// ValidationDomain is a required field
ValidationDomain *string `min:"1" type:"string" required:"true"`
// contains filtered or unexported fields
}